Alejandro,
Would you mind posting your Realm implementation?
I tried just providing a CacheManager to the constructor for
AuthorizingRealm but there must be something else missing as i still
have 2 problems:
1. The SimpleAccount is not being cached after the credentials have been
checked (ie after doGetAuthenticationInfo) but is then being requested
for the 'hasRole' check
2. I get an exception:
Caused by: java.lang.IllegalArgumentException: Cache name cannot be null
or empty.
at
org.apache.shiro.cache.AbstractCacheManager.getCache(AbstractCacheManager.java:61)
at
org.apache.shiro.realm.AuthorizingRealm.getAuthorizationCacheLazy(AuthorizingRealm.java:245)
at
org.apache.shiro.realm.AuthorizingRealm.getAvailableAuthorizationCache(AuthorizingRealm.java:260)
at
org.apache.shiro.realm.AuthorizingRealm.getAuthorizationInfo(AuthorizingRealm.java:322)
at
org.apache.shiro.realm.AuthorizingRealm.hasRole(AuthorizingRealm.java:567)
Also, could you explain how the cache entries are evicted? would this
happen at exactly the time the httpsession is invalidated?
Thanks, Paul.
On 23/11/2010 1:28 AM, Alejandro Scandroli wrote:
Hi Paul
The AuthorizingRealm constructor can take a CacheManager as a parameter.
In our case we use the EhCacheManager.
That's all you need!
Cheers.
Alejandro
On Fri, Nov 19, 2010 at 12:58 AM, Paul Stanton<p...@mapshed.com.au> wrote:
Kalle,
I'm think I'm making progress however I haven't found a good guide to
confirm I'm on the right track.
I have a persistent User entity (db+hibernate). The user has multiple roles.
I only really want to use the RequiresRoles annotation on pages (and some
methods) at this point.
So what I've done so far:
AuthorizingRealm and my doGetAuthenticationInfo creates a SimpleAccount with
the roles set populated.
But once the code hits a RequiresRole annotation, the
realm.doGetAuthorizationInfo is called.
I don't want to go back to my persistent entity at this point since I've
already told the security module about the user's roles.
How do I make AuthorizingRealm cache the SimpleAccount returned from
doGetAuthenticationInfo and use it for doGetAuthorizationInfo?
Also, I'd expect this cache element to have the same lifecycle as the user's
session, is that the case?
Thanks, Paul.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org
For additional commands, e-mail: users-h...@tapestry.apache.org
